From: Luke Howard Date: Wed, 8 Sep 2010 16:11:24 +0000 (+0200) Subject: Cleanup X-Git-Url: http://www.project-moonshot.org/gitweb/?p=cyrus-sasl.git;a=commitdiff_plain;h=86456dfa6bb163107e6476788413edfbaa1cc1f5 Cleanup --- diff --git a/mech_eap/canonicalize_name.c b/mech_eap/canonicalize_name.c index 0d5e277..f04f75d 100644 --- a/mech_eap/canonicalize_name.c +++ b/mech_eap/canonicalize_name.c @@ -38,8 +38,7 @@ gss_canonicalize_name(OM_uint32 *minor, const gss_OID mech_type, gss_name_t *output_name) { - if (mech_type != GSS_C_NULL_OID && - !gssEapIsMechanismOid(mech_type)) { + if (!gssEapIsMechanismOid(mech_type)) { *minor = 0; return GSS_S_BAD_MECH; } diff --git a/mech_eap/display_name.c b/mech_eap/display_name.c index 4022efd..96e1613 100644 --- a/mech_eap/display_name.c +++ b/mech_eap/display_name.c @@ -65,7 +65,7 @@ gss_display_name(OM_uint32 *minor, krb5_free_unparsed_name(krbContext, krbName); - *output_name_type = (gss_OID)GSS_EAP_NT_PRINCIPAL_NAME; + *output_name_type = GSS_EAP_NT_PRINCIPAL_NAME; return GSS_S_COMPLETE; } diff --git a/mech_eap/display_status.c b/mech_eap/display_status.c index 4e259bb..3b872dc 100644 --- a/mech_eap/display_status.c +++ b/mech_eap/display_status.c @@ -47,8 +47,7 @@ gss_display_status(OM_uint32 *minor, status_string->length = 0; status_string->value = NULL; - if (mech_type != GSS_C_NO_OID && - !gssEapIsMechanismOid(mech_type)) { + if (!gssEapIsMechanismOid(mech_type)) { return GSS_S_BAD_MECH; } diff --git a/mech_eap/export_name.c b/mech_eap/export_name.c index 66664ef..667849a 100644 --- a/mech_eap/export_name.c +++ b/mech_eap/export_name.c @@ -37,5 +37,10 @@ gss_export_name(OM_uint32 *minor, const gss_name_t input_name, gss_buffer_t exported_name) { + if (input_name == GSS_C_NO_NAME) { + *minor = EINVAL; + return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME; + } + return gssEapExportName(minor, input_name, exported_name, 0); } 
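Review bot: The new early return for `GSS_C_NO_NAME` in gss_export_name leaves `exported_name` untouched, whereas the path through gssEapExportName clears it first (the `exportedName->value = NULL;` context line in the util_name.c hunk). A caller that releases the buffer after any failure would then hand an indeterminate pointer to the release routine. Setting `exported_name->length = 0; exported_name->value = NULL;` ahead of the check keeps both failure paths uniform. The identical check added in export_name_composite.c needs the same two assignments.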
diff --git a/mech_eap/export_name_composite.c b/mech_eap/export_name_composite.c index c518323..97e6dd5 100644 --- a/mech_eap/export_name_composite.c +++ b/mech_eap/export_name_composite.c @@ -37,5 +37,10 @@ gss_export_name_composite(OM_uint32 *minor, gss_name_t input_name, gss_buffer_t exported_name) { + if (input_name == GSS_C_NO_NAME) { + *minor = EINVAL; + return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME; + } + return gssEapExportName(minor, input_name, exported_name, 1); } diff --git a/mech_eap/gssapi_eap.h b/mech_eap/gssapi_eap.h index 0e5bb96..5ae5db1 100644 --- a/mech_eap/gssapi_eap.h +++ b/mech_eap/gssapi_eap.h @@ -39,12 +39,12 @@ extern "C" { #endif /* __cplusplus */ -extern const gss_OID_desc *const GSS_EAP_MECHANISM; -extern const gss_OID_desc *const GSS_EAP_AES128_CTS_HMAC_SHA1_96_MECHANISM; -extern const gss_OID_desc *const GSS_EAP_AES256_CTS_HMAC_SHA1_96_MECHANISM; +extern gss_OID GSS_EAP_MECHANISM; +extern gss_OID GSS_EAP_AES128_CTS_HMAC_SHA1_96_MECHANISM; +extern gss_OID GSS_EAP_AES256_CTS_HMAC_SHA1_96_MECHANISM; /* name type */ -extern const gss_OID_desc *const GSS_EAP_NT_PRINCIPAL_NAME; +extern gss_OID GSS_EAP_NT_PRINCIPAL_NAME; #ifdef __cplusplus } diff --git a/mech_eap/inquire_names_for_mech.c b/mech_eap/inquire_names_for_mech.c index e4e1980..fe3c64e 100644 --- a/mech_eap/inquire_names_for_mech.c +++ b/mech_eap/inquire_names_for_mech.c 
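Review bot: Declaring the OIDs as plain `gss_OID` in gssapi_eap.h drops both `const` qualifiers, so `GSS_EAP_MECHANISM` and the other three exported pointers become writable globals that point at `static const gss_OID_desc` objects (see the definitions in util_mech.c and util_name.c later in this diff). gssEapIsMechanismOid and importExportedName compare incoming data against `GSS_EAP_MECHANISM`, so anything in the process that reassigns the pointer changes which mechanism OID is accepted, and a write through it would modify a const object, which is undefined behaviour. The definitions also initialise a non-const pointer from a const address, which the compiler should warn about. If the aim is only to lose the cast at call sites, `extern const gss_OID GSS_EAP_MECHANISM;` keeps the pointer itself immutable while still giving it the expected type.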
@@ -37,5 +37,36 @@ gss_inquire_names_for_mech(OM_uint32 *minor, gss_OID mechanism, gss_OID_set *name_types) { - GSSEAP_NOT_IMPLEMENTED; + OM_uint32 major, tmpMinor; + + if (!gssEapIsMechanismOid(mechanism)) { + *minor = 0; + return GSS_S_BAD_MECH; + } + + major = gss_create_empty_oid_set(minor, name_types); + if (GSS_ERROR(major)) + goto cleanup; + + major = gss_add_oid_set_member(minor, GSS_C_NT_USER_NAME, name_types); + if (GSS_ERROR(major)) + goto cleanup; + + major = gss_add_oid_set_member(minor, GSS_C_NT_HOSTBASED_SERVICE, name_types); + if (GSS_ERROR(major)) + goto cleanup; + + major = gss_add_oid_set_member(minor, GSS_C_NT_EXPORT_NAME, name_types); + if (GSS_ERROR(major)) + goto cleanup; + + major = gss_add_oid_set_member(minor, GSS_EAP_NT_PRINCIPAL_NAME, name_types); + if (GSS_ERROR(major)) + goto cleanup; + +cleanup: + if (GSS_ERROR(major)) + gss_release_oid_set(&tmpMinor, name_types); + + return major; } diff --git a/mech_eap/util.h b/mech_eap/util.h index 4f0f98a..cdcabd3 100644 --- a/mech_eap/util.h +++ b/mech_eap/util.h @@ -230,13 +230,15 @@ sequenceInit(void **vqueue, uint64_t seqnum, /* util_token.c */ enum gss_eap_token_type { - TOK_TYPE_EAP_RESP = 0x0601, - TOK_TYPE_EAP_REQ = 0x0602, - TOK_TYPE_GSS_CB = 0x0603, - TOK_TYPE_MIC = 0x0404, - TOK_TYPE_WRAP = 0x0504, - TOK_TYPE_DELETE = 0x0405, - TOK_TYPE_NONE = 0xFFFF + TOK_TYPE_NONE = 0x0000, + TOK_TYPE_EAP_RESP = 0x0601, + TOK_TYPE_EAP_REQ = 0x0602, + TOK_TYPE_GSS_CB = 0x0603, + TOK_TYPE_MIC = 0x0404, + TOK_TYPE_WRAP = 0x0504, + TOK_TYPE_EXPORT_NAME = 0x0401, + TOK_TYPE_EXPORT_NAME_COMPOSITE = 0x0402, + TOK_TYPE_DELETE = 0x0405, }; size_t diff --git a/mech_eap/util_mech.c b/mech_eap/util_mech.c index 1888feb..745108f 100644 --- a/mech_eap/util_mech.c +++ b/mech_eap/util_mech.c 
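Review bot: `*name_types` is never set before `gss_create_empty_oid_set`, yet the `cleanup` label releases it on any error, including a failure of that first call. Whether the create routine writes its output on failure is not visible here, so the release may be handed an indeterminate pointer; `*name_types = GSS_C_NO_OID_SET;` as the first statement removes the doubt. The function would also benefit from a one-line header comment saying it returns the name types this mechanism can import and that a NULL `mechanism` is accepted, because gssEapIsMechanismOid now treats `GSS_C_NO_OID` as a match.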
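Review bot: `TOK_TYPE_NONE` moves from 0xFFFF to 0x0000 in util.h without a comment, so a zero-filled token-type field now reads as "none", and any code outside this diff that relied on the old value should be rechecked. The enum also mixes context-token IDs with the two new exported-name IDs, and importExportedName now loads a 16-bit value from its input straight into this type. A short comment above the enum stating that the members are big-endian TOK_ID values as they appear on the wire, and whether `TOK_TYPE_NONE` is a local sentinel that is never sent, would make both changes reviewable.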
@@ -61,17 +61,16 @@ static const gss_OID_desc gssEapConcreteMechs[] = { { 12, "\x06\x0A\x2B\x06\x01\x04\x01\xA9\x4A\x15\x01\x12" } }; -const gss_OID_desc *const GSS_EAP_MECHANISM = - &gssEapConcreteMechs[0]; -const gss_OID_desc *const GSS_EAP_AES128_CTS_HMAC_SHA1_96_MECHANISM = - &gssEapConcreteMechs[1]; -const gss_OID_desc *const GSS_EAP_AES256_CTS_HMAC_SHA1_96_MECHANISM = - &gssEapConcreteMechs[2]; +gss_OID GSS_EAP_MECHANISM = &gssEapConcreteMechs[0]; +gss_OID GSS_EAP_AES128_CTS_HMAC_SHA1_96_MECHANISM = &gssEapConcreteMechs[1]; +gss_OID GSS_EAP_AES256_CTS_HMAC_SHA1_96_MECHANISM = &gssEapConcreteMechs[2]; int gssEapIsMechanismOid(const gss_OID oid) { - if (oidEqual(oid, GSS_EAP_MECHANISM)) { + if (oid == GSS_C_NO_OID) { + return TRUE; + } else if (oidEqual(oid, GSS_EAP_MECHANISM)) { return TRUE; } else if (oid->length > gssEapMechPrefix.length && memcmp(oid->elements, gssEapMechPrefix.elements, diff --git a/mech_eap/util_name.c b/mech_eap/util_name.c index abe60c0..a36c0d9 100644 --- a/mech_eap/util_name.c +++ b/mech_eap/util_name.c @@ -60,8 +60,7 @@ static const gss_OID_desc gssEapNtPrincipalName = { 12, "\x06\x0A\x2B\x06\x01\x04\x01\xA9\x4A\x15\x02\x01" }; -const gss_OID_desc *const GSS_EAP_NT_PRINCIPAL_NAME = - &gssEapNtPrincipalName; +gss_OID GSS_EAP_NT_PRINCIPAL_NAME = &gssEapNtPrincipalName; OM_uint32 gssEapAllocName(OM_uint32 *minor, gss_name_t *pName) @@ -218,6 +217,7 @@ importExportedName(OM_uint32 *minor, int composite = 0; size_t len, remain; gss_buffer_desc buf; + enum gss_eap_token_type tok_type; GSSEAP_KRB_INIT(&krbContext); 
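Review bot: Returning TRUE for `GSS_C_NO_OID` inside gssEapIsMechanismOid changes the predicate for every caller, not only the three call sites simplified in this diff (canonicalize_name.c, display_status.c, inquire_names_for_mech.c). Any caller outside the diff that goes on to read `oid->length` or `oid->elements` after a successful check would now dereference NULL, so those call sites need an audit. At minimum the function should document the new contract, e.g. `/* GSS_C_NO_OID counts as a match; a TRUE result does not mean oid is non-NULL */`. The function body continues past the end of the hunk.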
@@ -227,44 +227,39 @@ importExportedName(OM_uint32 *minor, if (remain < 6 + GSS_EAP_MECHANISM->length + 4) return GSS_S_BAD_NAME; - if (*p++ != 0x04) + /* TOK_ID */ + tok_type = load_uint16_be(p); + if (tok_type != TOK_TYPE_EXPORT_NAME && + tok_type != TOK_TYPE_EXPORT_NAME_COMPOSITE) return GSS_S_BAD_NAME; - - switch (*p++) { - case 0x02: - composite = 1; - break; - case 0x01: - break; - default: - return GSS_S_BAD_NAME; - break; - } + p += 2; remain -= 2; + /* MECH_OID_LEN */ len = load_uint16_be(p); if (len != 2 + GSS_EAP_MECHANISM->length) return GSS_S_BAD_NAME; p += 2; remain -= 2; - if (*p++ != 0x06) + /* MECH_OID */ + if (p[0] != 0x06) return GSS_S_BAD_NAME; - if (*p++ != GSS_EAP_MECHANISM->length) + if (p[1] != GSS_EAP_MECHANISM->length) return GSS_S_BAD_MECH; - remain -= 2; - if (memcmp(p, GSS_EAP_MECHANISM->elements, GSS_EAP_MECHANISM->length)) return GSS_S_BAD_MECH; - p += GSS_EAP_MECHANISM->length; - remain -= GSS_EAP_MECHANISM->length; + p += 2 + GSS_EAP_MECHANISM->length; + remain -= 2 + GSS_EAP_MECHANISM->length; + /* NAME_LEN */ len = load_uint32_be(p); p += 4; if (remain < len) return GSS_S_BAD_NAME; + /* NAME */ buf.length = len; buf.value = p; @@ -315,7 +310,7 @@ OM_uint32 gssEapExportName(OM_uint32 *minor, gss_buffer_t exportedName, int composite) { - OM_uint32 major, tmpMinor; + OM_uint32 major = GSS_S_FAILURE, tmpMinor; krb5_context krbContext; char *krbName = NULL; size_t krbNameLen; @@ -325,12 +320,6 @@ OM_uint32 gssEapExportName(OM_uint32 *minor, exportedName->value = NULL; GSSEAP_KRB_INIT(&krbContext); - - if (name == GSS_C_NO_NAME) { - *minor = EINVAL; - return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME; - } - GSSEAP_MUTEX_LOCK(&name->mutex); /* 
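Review bot: After NAME_LEN is read in importExportedName, `p` advances by 4 but `remain` is not reduced, so the `if (remain < len)` test still counts the four length bytes and accepts a name up to 4 bytes longer than the data left in the buffer. The check predates this commit, but it sits in the rewritten parser and runs on an exported-name token taken from input; `p += 4; remain -= 4;`, matching the TOK_ID and MECH_OID_LEN steps, closes it. Separately, the removed `switch` was the only visible place that set `composite = 1`, and nothing in the new lines assigns it from `tok_type`. If code after the hunk still reads `composite`, add `composite = (tok_type == TOK_TYPE_EXPORT_NAME_COMPOSITE);` after the TOK_ID check. The function starts before and continues after this hunk.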
@@ -342,10 +331,8 @@ OM_uint32 gssEapExportName(OM_uint32 *minor, } *minor = krb5_unparse_name(krbContext, name->krbPrincipal, &krbName); - if (*minor != 0) { - major = GSS_S_FAILURE; + if (*minor != 0) goto cleanup; - } krbNameLen = strlen(krbName); exportedName->length = 6 + GSS_EAP_MECHANISM->length + 4 + krbNameLen; @@ -357,26 +344,30 @@ OM_uint32 gssEapExportName(OM_uint32 *minor, exportedName->value = GSSEAP_MALLOC(exportedName->length); if (exportedName->value == NULL) { *minor = ENOMEM; - major = GSS_S_FAILURE; goto cleanup; } + /* TOK | MECH_OID_LEN */ p = (unsigned char *)exportedName->value; - *p++ = 0x04; - if (composite) { - *p++ = 0x02; - } else { - *p++ = 0x01; - } + store_uint16_be(composite + ? TOK_TYPE_EXPORT_NAME_COMPOSITE + : TOK_TYPE_EXPORT_NAME, + p); + p += 2; store_uint16_be(GSS_EAP_MECHANISM->length + 2, p); p += 2; + + /* MECH_OID */ *p++ = 0x06; *p++ = GSS_EAP_MECHANISM->length & 0xff; memcpy(p, GSS_EAP_MECHANISM->elements, GSS_EAP_MECHANISM->length); p += GSS_EAP_MECHANISM->length; + /* NAME_LEN */ store_uint32_be(krbNameLen, p); p += 4; + + /* NAME */ memcpy(p, krbName, krbNameLen); p += krbNameLen;
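Review bot: With `major = GSS_S_FAILURE;` removed from the `krb5_unparse_name` failure branch, the value returned through `cleanup` depends on `major` still holding its initialiser at that point. The block that closes just above the call lies outside the hunk; if it, or anything added later, stores a success status in `major`, this path would report success with an empty `exportedName`. The ENOMEM branch in the next hunk (`@@ -357,26 +344,30 @@`) has the same dependency. Keeping the explicit assignment on each error branch, or adding `/* major is still GSS_S_FAILURE from its initialiser */` at both, makes the intent checkable.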